CN111181981A - Processing method and device and computer equipment - Google Patents

Processing method and device and computer equipment Download PDF

Info

Publication number
CN111181981A
CN111181981A CN201911424015.XA CN201911424015A CN111181981A CN 111181981 A CN111181981 A CN 111181981A CN 201911424015 A CN201911424015 A CN 201911424015A CN 111181981 A CN111181981 A CN 111181981A
Authority
CN
China
Prior art keywords
target
information
answer
user
obtaining
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911424015.XA
Other languages
Chinese (zh)
Inventor
于晨晨
符博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lenovo Beijing Ltd
Original Assignee
Lenovo Beijing Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lenovo Beijing Ltd filed Critical Lenovo Beijing Ltd
Priority to CN201911424015.XA priority Critical patent/CN111181981A/en
Publication of CN111181981A publication Critical patent/CN111181981A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/30Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
    • G06F16/33Querying
    • G06F16/332Query formulation
    • G06F16/3329Natural language query formulation or dialogue systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response

Abstract

The application relates to a processing method, a processing device and computer equipment, wherein the method comprises the steps of determining reference verification information matched with input identity information after the input identity information is obtained, and obtaining and displaying a target question according to the reference verification information, wherein the target question corresponds to a target answer generated according to the reference verification information; and then receiving a first answer input based on the displayed target question, and performing authentication verification of the identity according to the generated target answer and the input first answer. In the method and the device, the target problem is obtained and displayed according to the reference verification information during identity verification, so that the authentication verification of the identity can be realized by inputting answer information matched with the target problem by a user without inputting original verification information (such as an original password), the verification information of the user is effectively protected from being leaked, and the safety of the user verification information during identity verification is improved.

Description

Processing method and device and computer equipment
Technical Field
The present application belongs to the field of authentication verification, and in particular, to a processing method, an apparatus and a computer device.
Background
Authentication is performed according to identity information and authentication information (such as an account and a password), which is a commonly used authentication method at present. Based on this method, when a user needs to log in a certain network platform or application software, identity information and authentication information need to be input on a login interface of the network platform or the application software, however, in the process of inputting authentication information such as a password by the user, there is a risk that the authentication information is leaked, and the user may be stolen by others through peeping or the like.
Disclosure of Invention
In view of this, the present application provides a processing method, an apparatus and a computing device, so as to at least improve the security of user authentication information during authentication.
Therefore, the application discloses the following technical scheme:
a method of processing, comprising:
obtaining input identity information;
determining reference verification information matched with the identity information;
obtaining a target problem according to the reference verification information, and displaying the target problem; the target question corresponds to a target answer generated according to the reference verification information;
obtaining a first answer input based on the target question;
and performing identity authentication according to the target answer and the first answer.
Preferably, the obtaining the target problem according to the reference verification information includes:
obtaining environmental information;
and acquiring a target question matched with the reference verification information and the environment information.
Preferably, the obtaining of the target question matched with the reference verification information and the environmental information includes:
if the environmental information meets the safety condition, generating a first target question according to the reference verification information, wherein the first target question corresponds to a target answer generated in a first mode;
if the environmental information does not meet the safety condition, generating a second target question according to the reference verification information, wherein the second target question corresponds to a target answer generated in a second mode; wherein the benchmark verification information corresponds to a higher degree of security for the second target issue than for the first target issue.
Preferably, the obtaining of the target question matched with the reference verification information and the environmental information includes:
determining a target generation mode meeting a credible condition according to the reference verification information;
and obtaining a target question matched with the target generation mode, wherein the target question corresponds to a target answer generated based on the target generation mode.
The above method, preferably, the obtaining the input identity information includes:
obtaining input identity information based on the conversation unit;
the presenting the target problem comprises:
displaying the target question in a conversation unit;
the obtaining a first answer input based on the target question comprises:
obtaining a first answer input based on the target question in a conversation unit;
wherein the conversation unit is capable of being used for dynamic conversation interaction.
A processing apparatus, comprising:
the first acquisition unit is used for acquiring input identity information;
the determining unit is used for determining the reference verification information matched with the identity information;
the second acquisition unit is used for acquiring a target problem according to the reference verification information; the target question corresponds to a target answer generated according to the reference verification information;
the display unit is used for displaying the target problem;
a third obtaining unit configured to obtain a first answer input based on the target question;
and the verification unit is used for performing identity verification according to the target answer and the first answer.
The above apparatus, preferably, the second obtaining unit is specifically configured to:
obtaining environmental information;
and acquiring a target question matched with the reference verification information and the environment information.
In the apparatus, preferably, the second obtaining unit obtains a target problem matched with the reference verification information and the environmental information, and specifically includes:
if the environmental information meets the safety condition, generating a first target question according to the reference verification information, wherein the first target question corresponds to a target answer generated in a first mode;
if the environmental information does not meet the safety condition, generating a second target question according to the reference verification information, wherein the second target question corresponds to a target answer generated in a second mode; wherein the benchmark verification information corresponds to a higher degree of security for the second target issue than for the first target issue.
The above apparatus, preferably, the second obtaining unit is specifically configured to:
determining a target generation mode meeting a credible condition according to the reference verification information;
and obtaining a target question matched with the target generation mode, wherein the target question corresponds to a target answer generated based on the target generation mode.
A computer device, comprising:
a memory for storing at least one set of instructions;
a processor for calling and executing said set of instructions in said memory, said method as defined in any preceding claim being performed by executing said set of instructions.
According to the scheme, after the input identity information is obtained, the reference verification information matched with the input identity information is determined, and the target problem is obtained and displayed according to the reference verification information, wherein the target problem corresponds to the target answer generated according to the reference verification information; and then receiving a first answer input based on the displayed target question, and performing authentication verification of the identity according to the generated target answer and the input first answer. In the method and the device, the target problem is obtained and displayed according to the reference verification information during identity verification, so that the authentication verification of the identity can be realized by inputting answer information matched with the target problem by a user without inputting original verification information (such as an original password), the verification information of the user is effectively protected from being leaked, and the safety of the user verification information during identity verification is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present application, and it is obvious for those skilled in the art that other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a schematic flow chart of a processing method provided by an embodiment of the present application;
FIG. 2 is another schematic flow chart diagram of a processing method provided in an embodiment of the present application;
FIG. 3 is a schematic flow chart of a processing method provided by an embodiment of the present application;
FIG. 4 is a schematic flow chart of a processing method provided in an embodiment of the present application;
fig. 5 is a schematic diagram of identity registration performed in a session unit according to an embodiment of the present application;
fig. 6 is a schematic diagram of identity registration performed in a session unit according to an embodiment of the present application;
fig. 7 is another schematic diagram of identity registration performed in a session unit according to an embodiment of the present application;
fig. 8 is another schematic diagram of identity registration performed in a session unit according to an embodiment of the present application;
FIG. 9 is a schematic structural diagram of a processing apparatus provided in an embodiment of the present application;
fig. 10 is a schematic structural diagram of a computer device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
At present, when logging in a network platform or application software, authentication verification of an identity of a user is generally required according to identity information and verification information (such as an account and a password), so that the user also needs to input the verification information such as the password after inputting the identity information such as the account of the user, however, the user is easy to peep and steal by others in the process of inputting the verification information such as the password, and the risk of leakage of the verification information such as the password exists. The processing method, the processing device and the computer equipment of the application are described by specific embodiments.
In an optional embodiment of the present application, a processing method is disclosed, where the processing method may be applied to a computer device, and the computer device to which the processing method is applied may be, but is not limited to, a portable terminal device such as a smart phone, a personal digital assistant, a tablet computer, or may also be a portable computer (such as a notebook), a desktop/all-in-one computer, or a backend server in a general/special purpose computing or configuration environment.
Optionally, the method of the present application may be applied to a background server, and when a user needs to input corresponding identity authentication information to authenticate the user, the background server of the network platform or the application software may run the processing method of the present application to authenticate the user identity; or, optionally, the processing method of the present application may also be integrated in the front-end network platform or the application software in the form of a plug-in, a functional module, or the like, and correspondingly provide the authentication and verification service of the identity for the user in the form of a plug-in, a functional module, or the like in the front-end network platform or the application software.
Referring to fig. 1, a schematic flow chart of the processing method in the present embodiment is shown, and as shown in fig. 1, the processing method in the present embodiment may include:
step 101, obtaining input identity information.
When a user needs to use a network platform or application software, the user usually needs to log in the network platform or application software first in order to enable the user to better use the functions or services of the network platform or application software.
In this step, the input identity information is obtained, which may be, but is not limited to: the method includes the steps of obtaining identity information input by a user on a network platform or a login interface of application software, specifically, detecting input operation of the user on the network platform or the login interface of the application software, and correspondingly obtaining the identity information input by the user through execution of the input operation. The obtained identity information may include, but is not limited to, any one or more types of identity information, such as a registered account, an identity card number, a mobile phone number, and a mailbox, which are input by the user through voice or text entry, and the like, which is not limited herein.
In addition, it should be noted that, although authentication for a natural person user is a typical application of the present application, in a specific implementation, the processing method of the present application may also be applied to authentication for an unnatural user such as a device, so that in this step, the input identity information is obtained, and also the identity information input by a device to be authenticated is obtained, which is not limited in this embodiment.
And 102, determining the reference verification information matched with the identity information.
The reference verification information is information registered for performing authentication verification on the user identity when the user performs identity registration on a network platform or application software in advance, and may be in the form of a password (numbers, letters and/or special characters), a voiceprint, a fingerprint and the like.
In view of the fact that a user often has a high risk of leakage when inputting authentication information in the form of a password such as numbers, letters, and/or special characters, in the embodiment of the present application, the reference authentication information mainly refers to authentication information in the form of a password such as numbers, letters, and/or special characters.
When the user performs identity registration in advance, the network platform or the background server of the application software stores the identity information and the reference verification information registered by the user in an associated manner, for example, the corresponding relationship between the account and the password of each user is stored in a form of a registered account list.
Therefore, when the identity information input by the user is obtained for identity verification of the user, the reference verification information matched with the input identity information can be inquired and obtained from the corresponding relation between the pre-stored identity information and the reference verification information to be used as the basis for authentication verification of the user identity.
And 103, acquiring a target problem according to the reference verification information, and displaying the target problem.
The method is different from the traditional technology that a user inputs identity information and verification information (such as an account and a password) together, and the authentication information is compared (such as the password input by the user is compared with a reference password), so that the authentication and verification of the user identity are realized.
Wherein the target question corresponds to a target answer generated based on the determined reference verification information.
The objective of obtaining the above objective problem is to enable the user to input the answer information corresponding to the objective problem to realize the identity authentication without inputting the original authentication information, such as the original password of the account, so as to achieve the purpose of hiding or protecting the original authentication information of the user and reduce the leakage risk.
The target answer may be information obtained by performing corresponding addition/extension processing, omission/simplification processing, or conversion processing on the reference verification information of the user, and accordingly, the target answer may be, but is not limited to, any one of the following forms:
1) information obtained by adding specified extended information to a specified position of the reference verification information;
2) partial verification information constituted of corresponding one or more bits in the reference verification information;
3) and calculating at least part of the reference verification information according to a specific calculation mode to generate the information.
The target answer is matched with the target question, and for the several forms of the target answer, the target question may be corresponding question information that can be used to instruct the user to input answer information in the increased/expanded form, or the omitted/simplified form, or the converted form.
For example, it is assumed that, when authenticating the identity of the user, the reference password of the user is determined from the account-password list according to the account information input by the user: 92 × 3501_ ln12, based on the determined reference password, any one of the following target questions for instructing the user to input corresponding answer information may be obtained, but not limited to:
a. what is your important digital information that you keep linked to your password?
b. What is the 3 rd digit of your password?
c. What is the difference between the 1 st and 5 th digits of your password?
Each of the above target questions corresponds to one target answer generated based on the reference authentication information of the user, for example, for the question a, if the important digit information remaining during the user registration is 529, the target answer may be 52992 × 3501_ ln12, and since the digits of the important digit and the password are not known by others, it is difficult to know the real password of the user; for the question b, the target answer is x, so that the real password of the user is protected, and other people are difficult to obtain; for the question c, the target answer is 4, and the true password of the user is also protected.
The obtained target problem may be a problem dynamically generated in real time by a plug-in/function module of the background server or the network platform/application software according to the reference verification information of the user, or a target problem which is read from pre-generated and stored historical problem information and is matched with the reference verification information of the user.
After the target question is obtained according to the reference verification information, the target question is further displayed, for example, after a user inputs identity information such as an account to a login interface of the network platform or the application software, the obtained target question is dynamically displayed on the login interface of the network platform or the application software in response to the identity information input by the user, so as to indicate the user to input matched answer information.
And 104, obtaining a first answer input based on the target question.
The user can input corresponding answer information, namely the first answer, according to the indication of the target question.
If the target problem indicates, inputting an information result formed by adding corresponding information on the basis of the original password, or inputting an information result obtained by briefly processing the original password, or inputting an information result obtained by calculating at least part of the original password in a specified calculation mode, and the like.
Correspondingly, for an execution main body such as a background server or a plug-in, a function module, etc., a first answer input by a user may be obtained, wherein if the execution main body of the application is the background server of a network platform or application software, etc., a front-end network platform or application software may transmit the first answer to the background server through an interface and a network after obtaining the first answer input by the user, and if the execution main body of the application is the plug-in or the function module of the network platform or application software, the plug-in or the function module of the network platform or application software may obtain the first answer, so as to perform subsequent identity authentication processing on the first answer.
And 105, performing identity authentication according to the target answer and the first answer.
The first answer input by the user according to the indication of the target question may be the same as or different from the target answer corresponding to the target question.
The authentication verification of the user identity can be realized by matching the first answer input by the user with the target answer corresponding to the target question.
If the first answer input by the user is matched with the target answer, the answer input by the user is correct, so that the user can successfully log in a network platform or application software through authentication and verification; otherwise, if the first answer input by the user is not matched with the target answer, the answer input by the user is wrong, so that the user does not pass authentication verification, and the login of the network platform or the application software is failed correspondingly.
In the embodiment, when the identity is verified, the target problem is acquired and displayed according to the reference verification information, so that the authentication verification of the identity can be realized by inputting answer information matched with the target problem by a user without inputting original verification information (such as an original password), the verification information of the user is effectively protected from being leaked, and the safety of the user verification information during the identity verification is improved.
In an alternative embodiment of the present application, referring to fig. 2, another flow chart of the processing method of the present application is shown, and the processing method may be implemented by the following processing procedures:
step 201, obtaining the input identity information.
Step 202, determining the reference verification information matched with the identity information.
Steps 201 to 202 are the same as steps 101 to 102 in the above embodiments, and specific reference may be made to the related description of steps 101 to 102 in the above embodiments, which is not repeated here.
And step 203, obtaining environment information.
The acquired environment information is environment information of an environment where the user is located when the identity information is input.
What is different from the previous embodiment is that, in the present embodiment, when the target problem is obtained, in addition to the reference verification information of the user, the environment information of the environment where the user is located is referred to, that is, the environment information of the environment where the user is located when the user inputs the identity information is also used as one of the obtaining bases of the target problem.
The environment information may include, but is not limited to, environment sound information, environment image information, and/or environment infrared information obtained by sound information acquisition, image information acquisition, and/or infrared information acquisition of an environment in which the user is located when the user inputs identity information.
In the implementation, a sound collecting device, an image collecting device and/or an infrared collecting device such as a mic, a camera and/or an infrared imager on the user equipment (such as a portable terminal such as a mobile phone, a tablet, a personal digital assistant) can be utilized to collect the environmental information of the current environment where the user is located when the user inputs the identity information,
specifically, when the network platform or the application software provides a login interface for a user and detects that the user executes an input operation, a request for starting an equipment acquisition device can be sent to an operating system of the equipment so as to start an information acquisition device such as a mic, a camera and/or an infrared imager of the equipment, the information acquisition device is used for acquiring environmental information of the current environment of the user, the environmental information acquired by the information acquisition device is acquired, and the environmental information is transmitted to the background server or the plug-in/function module of the network platform/application software.
Step 204, obtaining target problems corresponding to the reference verification information and the environment information; the target question corresponds to a target answer generated based on the benchmark validation information.
After the reference verification information of the user and the environment information of the environment where the user is located are obtained, the target problem is obtained by combining the reference verification information of the user and the environment information.
As a possible implementation manner, the target question for authenticating the user may be dynamically generated in real time based on the obtained reference authentication information and the environment information.
The implementation process for dynamically generating the target problem in real time may include:
if the environmental information meets the safety condition, generating a first target problem according to the reference verification information; the first target question corresponds to a target answer generated in a first mode;
if the environmental information does not meet the safety condition, generating a second target problem according to the reference verification information; the second target question corresponds to the target answer generated in the second mode; wherein the reference authentication information corresponds to a higher degree of security for the second target issue than for the first target issue.
And judging whether the environment information meets the safety condition or not, and aiming at determining whether the environment where the user is located is safe or the safety degree is high or low, so as to dynamically generate a target problem matched with the environmental safety.
The above-mentioned security condition may be, optionally, an environmental condition or a scene condition that is set in advance for the information content of the environmental information and can be used to represent that the environment is a secure environment.
Different environments usually correspond to different safety degrees, for example, a public environment with more people and noise usually considers that the safety degree is lower, and an occasion with less people and silence (such as a single occasion with only one user, a family occasion with only a few people, or a quite office occasion, etc.), the safety degree is usually considered to be higher, the environmental characteristics can be extracted by carrying out characteristic analysis on the collected environmental information, more specifically, for example, by carrying out voiceprint analysis and volume analysis on the collected environmental sound, carrying out face/human body recognition, behavior and the like on the collected image information/infrared information, and extracting voiceprint characteristics, volume size, face/human body characteristics, and behavior characteristics of different people, noise degree and other environmental characteristics of the environment can be determined according to the extracted characteristics, then, whether the environment where the user is located is safe is determined by judging whether the environmental characteristics meet the environmental conditions (such as the environmental conditions with the number of people threshold and/or the volume threshold).
Or optionally, after determining the number of people in the environment and/or the environmental characteristics such as the noise degree, the environment where the user is located may be further identified according to the environmental characteristics, which scene the user is located in among preset scenes (such as a private scene, a public scene, an office scene, a home scene, etc.), and then whether the environment where the user is located is safe is determined by matching the identified scene with scene conditions (such as scene conditions that the scenes of the types of private and home, etc. are set as safe scenes, etc.).
If the environmental information meets the safety condition, for example, the environmental information meets the set environmental condition or scene condition which can be used for representing that the environment is the safety environment, a first target problem is generated according to the reference verification information, and if the environmental information does not meet the safety condition, a second target problem is generated according to the reference verification information; and the first target question corresponds to the target answer generated in the first way, and the second target question corresponds to the target answer generated in the first way.
It is easy to understand that, since the second mode has a lower security degree of the environment corresponding to the second mode than the first mode, the generation of the target answer in the second mode can enable the benchmark verification information to have a higher security degree than the generation of the target answer in the first mode, that is, the benchmark verification information corresponds to the second target question with a higher security degree than the first target question.
Correspondingly, in the second mode, the processing procedure of generating the target answer based on the reference verification information of the user is more complicated, so that the reference verification information of the user can still have higher safety under a low-safety environment and is not easy to leak.
Thus, the first mode may be an answer generation mode in which only the reference verification information is simply processed to obtain the target answer, for example, if the reference password of the user is "92 × 3501_ ln 1", the first mode may be a mode in which one, several, or all digits (in this mode, the target answer is the reference password) of the reference password are directly specified as the target answer, and the first mode may be adopted in a home scene, a private scene, or the like with a high security level; in contrast, the second mode may be an answer generation mode for obtaining a target answer by performing more complex processing on the reference verification information, and still taking the reference password as an example, the second mode may be a mode for obtaining a target answer by performing corresponding calculation on some bits of the reference verification information, for example, the target answer is obtained by adding the 1 st bit to the 5 th bit and subtracting the 7 th bit of the reference password, and the more complex the processing process for obtaining a target answer based on the reference verification information is, the less easily others can reverse the real reference verification information of the user based on the answer information input by the user, so that the higher the security of the reference verification information is, the second mode is applicable to public scenes with noisy environment and low security.
As another possible implementation manner, after the reference verification information and the environmental information are obtained, the target question matched with the reference verification information and the environmental information may be read from the pre-stored historical question information. The stored historical problem information may be, without limitation, various candidate problems generated in advance based on reference authentication information registered by the user and combined with various assumed environments/scenarios when the user performs identity registration, and/or problem information corresponding to the reference authentication information of the user and various environments/scenarios generated in the historical identity authentication process of the user.
And step 205, displaying the target problem.
And after the target question matched with the reference verification information and the environment information of the user is obtained, displaying the target question for indicating the user to input matched answer information.
And step 206, obtaining a first answer input based on the target question.
And step 207, performing identity authentication according to the target answer and the first answer.
Steps 206 to 207 are the same as steps 104 to 105 in the above embodiment, and reference may be specifically made to the related description of steps 101 to 102 in the above embodiment, which is not described herein again.
In this embodiment, when the target problem is obtained, in addition to the reference verification information of the user, the environmental factor is also referred to, and the environmental information of the environment where the user inputs the identity information is used as another basis for obtaining the target problem, so that the security of the obtained target problem is dynamically adjusted according to the environmental information, and the security of the user verification information during the identity verification can be ensured in a low-security environment.
In an alternative embodiment of the present application, referring to fig. 3, the processing method may also be implemented by the following processing procedures:
step 301, obtaining the input identity information.
Step 302, determining the reference verification information matched with the identity information.
Steps 301 to 302 are the same as steps 101 to 102 in the above embodiment, and specific reference may be made to the related description of steps 101 to 102 in the above embodiment, which is not repeated here.
And step 303, determining a target generation mode meeting the credibility condition according to the reference verification information.
When the user is authenticated, the target problem is generated, and the user is indicated to input authentication information different from the originally registered real authentication information (namely, reference authentication information such as a reference password), so that the real authentication information is hidden, the real authentication information of the user can be protected from being leaked, the safety of the user authentication information is improved to a certain extent, and the user can be prevented from being stolen by other people in modes such as peeping and the like during authentication.
However, the inventor finds that, since the user is authenticated by generating a target question, if the target question or the target answer corresponding to the target question is too simple, it is easy for unauthorized users to randomly input the correct answer (colloquially understood as being easy to be masked to the answer), and then to pass through authentication, which also results in insecurity of the user information from another perspective, for example, for the above-mentioned password information "92 x 3501_ ln 1", what is the 5 th bit of your password? ", assuming that the number of characters (numbers, letters + special characters) on the keyboard of the device is 3 in total, the number of times of inputting answers is allowed to be limited to 3, then the probability of inputting correct answers (Mongolian pairs) randomly by unauthorized users is 3/n, and the probability of inputting correct answers randomly is higher.
In this embodiment, in order to solve the problem, when obtaining the target problem, first, a target generation manner that satisfies the credibility condition is determined according to the reference verification information, where the target generation manner is a manner used when generating a target answer based on the reference verification information of the user.
The trusted condition here can be understood as: the generated target answer has higher safety degree aiming at the benchmark verification information of the user, and the condition that the correct answer is difficult to be input by an unauthorized user in a random mode is met. In view of this, in a specific implementation, the trusted condition may optionally be: the random input accuracy of the corresponding target answer is lower than a set threshold value.
For the sake of understanding, it is assumed that the maximum number of allowed inputs is 3, as for the above-mentioned password "92 x 3501_ ln 1", for example, then, the random input accuracy of the generated target answer is 3/n in the answer generation mode in which one bit is designated as the target answer, and the random input accuracy of the generated target answer is 3/n in the answer generation mode in which two bits are designated as the target answer2More complicated generation methods (e.g., generating target answers by corresponding calculations) correspond to lower random input accuracy, and the difficulty of random input of correct answers by unauthorized users is increased.
In addition, optionally, the trusted condition may be: and the complexity of the generation mode for generating the target answer reaches a set complexity threshold.
Specifically, the more complicated the processing procedure corresponding to the generation method for generating the target answer, the higher the complexity, and the higher the complexity of the corresponding target question, for this case, a higher complexity value may be assigned to the generation method, for example, the generation method of "specifying a certain bit in the password as the target answer" is simpler, a smaller complexity value may be assigned to the generation method, and the generation method of "obtaining the target answer by performing corresponding calculation on a certain two bits or other number of bits in the password" is relatively complicated, and a larger complexity value may be assigned to the generation method.
Therefore, the target generation mode meeting the credible condition is selected and determined from the multiple generation modes of the target answer, so that the safety degree of the generated target answer can be effectively ensured, the probability that the target answer is randomly and correctly input is reduced, and the safety of user information can be correspondingly improved.
And 304, obtaining a target question matched with the target generation mode, wherein the target question corresponds to a target answer generated based on the target generation mode.
After the target generation manner is determined, a target question matching the target generation manner may be further obtained, for example, assuming that the reference password is "92 × 3501_ ln 1", the determined target generation manner for generating the target answer is: calculating the sum of the 2 nd bit, the 5 th bit and the 7 th bit of the password, the obtained target answer may be: what is the sum of 2 nd, 5 th and 7 th digits of your password? .
The target problem matching with the target generation method may be specifically generated dynamically in real time according to the determined generation method, or may be read from a pre-stored history problem, which is not limited herein.
And 305, displaying the target problem.
After the target question is generated, the target question is presented for instructing the user to input answer information matching the target question.
Step 306, obtaining a first answer input based on the target question.
And 307, performing identity authentication according to the target answer and the first answer.
Steps 306 to 307 are the same as steps 104 to 105 in the above embodiments, and reference may be specifically made to the related description of steps 101 to 102 in the above embodiments, which is not repeated here.
In the embodiment, by determining the target generation mode (the mode adopted when the answer is generated according to the reference verification information) meeting the credibility condition and acquiring and displaying the target question matched with the target generation mode, the credibility of the generation mode adopted when the answer is generated according to the reference verification information can be effectively ensured, and correspondingly, the probability that an unauthorized user inputs a correct answer (which can be understood as a Mongolian answer) in a random mode can be reduced, so that the safety of user information is further improved.
In an optional embodiment of the present application, the processing method of the present application may be used to authenticate the user in a chat interaction scenario based on a customer service robot (e.g., a network platform/application software customer service robot).
In a chat interaction scene with a customer service robot, the customer service robot often needs to acquire more user information in order to make a better decision and interact, which relates to a login problem of a user.
When a user needs to log in during a chat process, the current conventional method is to jump out a dialog box and call and jump to a specified login page for account login, and the mode needs to call an additional login page and perform page jump, so that the efficiency of user login operation is low, the chat interaction efficiency of the user is further reduced, and meanwhile, the operation process is not friendly enough for the user.
To solve this problem, as shown in fig. 4, in this embodiment, the processing method may also be implemented by the following processing procedures:
step 401, obtaining input identity information based on a session unit;
wherein the conversation unit is capable of being used for dynamic conversation interaction.
Specifically, the session unit may be, but is not limited to: a dialog box, a conversation window/a chat window which are provided by a network platform or application software and can be used for carrying out dynamic conversation interaction with a user; such as a service robot-based intelligent question and answer dialog box provided by a network platform or application software.
Compared with the prior art, when a user logs in a network platform or application software, the method has the advantages that page jumping, dialog box jumping and additional login page calling are carried out to realize login, and in the embodiment of the application, when the user logs in the session interaction process, the user directly completes login based on the current session unit.
Specifically, login indication information for indicating that the user inputs registered identity information may be directly output in the current session unit.
Based on the indication of the login indication information, the user may input the registered identity information of the account, the mobile phone number, the mailbox, or the like in the session unit, and correspondingly, the network platform or the application software may obtain the identity information input by the user based on the session unit.
For a better understanding, the following examples are given.
Specifically, as shown in fig. 5, in a dialog box for a user to perform a dialog with a customer service robot, in order to obtain more portrait data of the user so as to provide a better service for the user, an account login needs to be performed by the user in the process of performing a dialog interaction based on the dialog box, in this embodiment, login indication information is directly output in the current dialog, for example, "login for you, please input a login mailbox or a mobile phone number" in fig. 5, based on the login indication information, the user inputs registered identity information such as a mailbox or a mobile phone number in the dialog box, and the network platform or the application software obtains the identity information input by the user in the dialog box, for example, in fig. 5, the registered mobile phone number input by the user in the dialog box provided by the customer service robot is specifically obtained.
Step 402, determining the reference verification information matched with the identity information.
And step 403, obtaining the target problem according to the reference verification information.
After the user inputs the registered identity information such as the mobile phone number, the mailbox or the account, the user further inputs verification information such as a password to realize authentication verification of the user identity.
In order to protect the authentication information such as the password of the user from being leaked when the user is authenticated, the present embodiment further determines the reference authentication information that matches the identity information of the user, and obtains the target question indicating that the user inputs the target answer (the answer information generated based on the reference authentication information) instead of the registered authentication information (such as the original password) according to the reference authentication information, so that the user can perform authentication without inputting the registered authentication information such as the password by inputting the target answer, and the security of the user authentication information can be effectively protected.
Step 402 is the same as step 102 in the above embodiment, step 403 is a part of step 103 in the above embodiment, and for steps 402-403, reference may be specifically made to the related descriptions of steps 102-103 in the above embodiment, and details of these two steps are not described here.
And step 404, displaying the target problem in a conversation unit.
After the target question is obtained, in the present embodiment, the obtained target question is presented in the conversation unit.
As shown in fig. 5, the target question of "please input your password for the second and sixth bits, for example, a and c, please return ac" is shown in the dialog box of the customer service robot.
Step 405, obtaining a first answer input based on the target question in the conversation unit.
The target question indicates answer information to be input by the user.
Based on the displayed target question, the user can input answer information in the conversation unit, and accordingly, the network platform or the application software can obtain the first answer input by the user in the conversation unit.
It should be noted that, when the user inputs the first answer into the session unit, in order to further protect the first answer from being leaked, the answer information input by the user may be hidden in the session unit by using placeholders (e.g., star symbols, dot symbols) and the like.
As shown in fig. 5, the user inputs the second digit and the sixth digit of the password in the dialog box of the customer service robot, and accordingly, the second digit and the sixth digit of the password input by the user are hidden at the corresponding display positions of the dialog box to avoid the password from being leaked.
And 406, performing identity authentication according to the target answer and the first answer.
And finally, authentication verification can be carried out on the user identity according to the first answer input by the user and the target answer corresponding to the target question.
If the first answer input by the user is matched with the target answer, the answer input by the user is correct, so that the user can successfully log in a network platform or application software through authentication and verification; otherwise, if the first answer input by the user is not matched with the target answer, the answer input by the user is wrong, so that the user does not pass authentication verification, and the login of the network platform or the application software is failed correspondingly.
It should be noted that, in the specific implementation, it is not limited to perform only login and authentication processing on the user in a session unit such as a dialog box, and the registration processing on the identity information may also be performed on the user in the session unit, so that in the session process, if the user needs to perform identity registration, it is not necessary to perform page jump, jump out of the dialog box, and call out an additional registration interface, but the identity registration may be directly completed in the current dialog box.
As shown in fig. 6, which is a schematic diagram illustrating a process of identity registration in a dialog box, the process includes:
1) displaying registration indication information in a session unit;
as shown in fig. 6, registration indication information "you need to register, please input your mobile phone number or mailbox as an account" is shown in a dialog box to indicate that the user inputs identity information to be registered.
2) Acquiring identity information to be registered input in a session unit;
based on the displayed registration indication information, the user inputs identity information to be registered to the conversation unit.
As shown in fig. 6, the user inputs his/her mobile phone number, and accordingly, the mobile phone number input in the session unit can be obtained as the identity information of the user registration.
3) Acquiring verification indication information, and displaying the verification indication information in a session unit;
the authentication indication information is used to indicate the user to input authentication information of the registered identity information, and more specifically, for example, the user may be indicated to input a password as a basis for identity authentication at the time of subsequent login.
As shown in fig. 6, the dialog box specifically shows the authentication instruction information "please set the password".
In particular implementations, the password may be entered two or more times by the user to enable password confirmation.
5) And acquiring the verification information input in the session unit, and storing the corresponding relation between the identity information and the verification information to finish registration.
It should be further noted that, in practical implementation, the verification information used for performing authentication verification on the user identity is not limited to the form of a password, as shown in fig. 7 and 8, and a dynamic verification code may also be used to complete user identity registration or user identity verification during login, which is not limited in this embodiment.
In the embodiment, in the session process, the identity registration, login and verification of the user can be directly carried out in the session unit without jumping out of the current session unit and calling out an additional registration/login interface and executing page jump operation, so that the processing process of a network platform or application software is simplified, the power consumption of equipment is saved, and convenience is provided for the identity registration or login of the user in the session process.
Corresponding to the processing method, the embodiment of the present application further discloses a processing apparatus, where the processing apparatus may be applied to a computer device, and the computer device to which the processing apparatus is applied may be, but is not limited to, a portable terminal device such as a smart phone, a personal digital assistant, a tablet computer, or may also be a portable computer (such as a notebook), a desktop/all-in-one computer, or a backend server in a general/special-purpose computing or configuration environment.
Optionally, the processing device of the present application may be applied to a background server, and when a user needs to input corresponding identity authentication information to authenticate the user, the background server of the network platform or the application software may run the processing device of the present application to authenticate the user identity; or, optionally, the processing apparatus of the present application may be integrated in the front-end network platform or the application software in the form of a plug-in, a functional module, or the like, and correspondingly provide the authentication and verification service of the identity for the user in the form of a plug-in, a functional module, or the like in the front-end network platform or the application software.
Referring to the schematic structural diagram of the processing apparatus shown in fig. 9, the processing apparatus may include:
a first obtaining unit 901, configured to obtain the input identity information.
The first obtaining unit 901 obtains the input identity information, which may be, but is not limited to: the method includes the steps of obtaining identity information input by a user on a network platform or a login interface of application software, specifically, detecting input operation of the user on the network platform or the login interface of the application software, and correspondingly obtaining the identity information input by the user through execution of the input operation. The obtained identity information may include, but is not limited to, any one or more types of identity information, such as a registered account, an identity card number, a mobile phone number, and a mailbox, which are input by the user through voice or text entry, and the like, which is not limited herein.
A determining unit 902, configured to determine reference verification information that matches the identity information.
When the user performs identity registration in advance, the network platform or the background server of the application software stores the identity information and the reference verification information registered by the user in an associated manner, for example, the corresponding relationship between the account and the password of each user is stored in a form of a registered account list.
Therefore, when the identity information input by the user is obtained for identity verification of the user, the reference verification information matched with the input identity information can be inquired and obtained from the corresponding relation between the pre-stored identity information and the reference verification information to be used as the basis for authentication verification of the user identity.
A second obtaining unit 903, configured to obtain a target question according to the reference verification information; the target question corresponds to a target answer generated according to the reference verification information.
The method is different from the traditional technology that a user inputs identity information and verification information (such as an account and a password) together, and the authentication information is compared (such as the password input by the user is compared with a reference password), so that the authentication and verification of the user identity are realized.
Wherein the target question corresponds to a target answer generated based on the determined reference verification information.
The target answer may be information obtained by performing corresponding addition/extension processing, omission/simplification processing, or conversion processing on the reference verification information of the user.
The target answer is matched with the target question, and for the several forms of the target answer, the target question may be corresponding question information that can be used to instruct the user to input answer information in the increased/expanded form, or the omitted/simplified form, or the converted form.
The obtained target problem may be a problem dynamically generated in real time by a plug-in/function module of the background server or the network platform/application software according to the reference verification information of the user, or a target problem which is read from pre-generated and stored historical problem information and is matched with the reference verification information of the user.
A display unit 904 for displaying the target question.
After the target question is obtained according to the reference verification information, the target question is further displayed, for example, after a user inputs identity information such as an account to a login interface of the network platform or the application software, the obtained target question is dynamically displayed on the login interface of the network platform or the application software in response to the identity information input by the user, so as to indicate the user to input matched answer information.
A third obtaining unit 905, configured to obtain a first answer input based on the target question.
The user can input corresponding answer information, namely the first answer, according to the indication of the target question.
Correspondingly, for the execution main body of the background server or the plug-in, the functional module, etc., the first answer input by the user can be obtained, wherein if the execution main body of the application device is the background server of the network platform or the application software, etc., the front-end network platform or the application software can transmit the first answer to the background server through the interface and the network after obtaining the first answer input by the user, and if the execution main body of the application is the plug-in or the functional module of the network platform or the application software, the plug-in or the functional module of the network platform or the application software can obtain the first answer, so as to perform the subsequent identity authentication processing on the first answer.
The verification unit 906 is configured to perform identity verification according to the target answer and the first answer.
The first answer input by the user according to the indication of the target question may be the same as or different from the target answer corresponding to the target question.
The authentication verification of the user identity can be realized by matching the first answer input by the user with the target answer corresponding to the target question.
In the embodiment, when the identity is verified, the target problem is acquired and displayed according to the reference verification information, so that the authentication verification of the identity can be realized by inputting answer information matched with the target problem by a user without inputting original verification information (such as an original password), the verification information of the user is effectively protected from being leaked, and the safety of the user verification information during the identity verification is improved.
In an optional embodiment of the present application, the second obtaining unit 903 in the processing apparatus is specifically configured to:
obtaining environmental information;
and acquiring a target question matched with the reference verification information and the environment information.
The acquired environment information is environment information of an environment where the user is located when the identity information is input.
The environment information may include, but is not limited to, environment sound information, environment image information, and/or environment infrared information obtained by sound information acquisition, image information acquisition, and/or infrared information acquisition of an environment in which the user is located when the user inputs identity information.
In the implementation, a sound collecting device, an image collecting device and/or an infrared collecting device such as a mic, a camera and/or an infrared imager on the user equipment (such as a portable terminal such as a mobile phone, a tablet, a personal digital assistant) can be utilized to collect the environmental information of the current environment where the user is located when the user inputs the identity information,
after the reference verification information of the user and the environment information of the environment where the user is located are obtained, the target problem is obtained by combining the reference verification information of the user and the environment information.
As a possible implementation manner, the target question for authenticating the user may be dynamically generated in real time based on the obtained reference authentication information and the environment information.
The implementation process for dynamically generating the target problem in real time may include:
if the environmental information meets the safety condition, generating a first target problem according to the reference verification information; the first target question corresponds to a target answer generated in a first mode;
if the environmental information does not meet the safety condition, generating a second target problem according to the reference verification information; the second target question corresponds to the target answer generated in the second mode; wherein the reference authentication information corresponds to a higher degree of security for the second target issue than for the first target issue.
As another possible implementation manner, after the reference verification information and the environmental information are obtained, the target question matched with the reference verification information and the environmental information may be read from the pre-stored historical question information. The stored historical problem information may be, without limitation, various candidate problems generated in advance based on reference authentication information registered by the user and combined with various assumed environments/scenarios when the user performs identity registration, and/or problem information corresponding to the reference authentication information of the user and various environments/scenarios generated in the historical identity authentication process of the user.
In this embodiment, when the target problem is obtained, in addition to the reference verification information of the user, the environmental factor is also referred to, and the environmental information of the environment where the user inputs the identity information is used as another basis for obtaining the target problem, so that the security of the obtained target problem is dynamically adjusted according to the environmental information, and the security of the user verification information during the identity verification can be ensured in a low-security environment.
In an optional embodiment of the present application, the second obtaining unit 903 in the processing apparatus is specifically configured to:
determining a target generation mode meeting a credible condition according to the determined reference verification information;
and obtaining a target question matched with the target generation mode, wherein the target question corresponds to a target answer generated based on the target generation mode.
The trusted condition here can be understood as: the generated target answer has higher safety degree aiming at the benchmark verification information of the user, and the condition that the correct answer is difficult to be input by an unauthorized user in a random mode is met. In view of this, in a specific implementation, the trusted condition may optionally be: the random input accuracy of the corresponding target answer is lower than a set threshold value.
In addition, optionally, the trusted condition may be: and the complexity of the generation mode for generating the target answer reaches a set complexity threshold.
Specifically, the more complicated the processing procedure corresponding to the generation method for generating the target answer, the higher the complexity, and the higher the complexity of the corresponding target question, for this case, a higher complexity value may be assigned to the generation method, for example, the generation method of "specifying a certain bit in the password as the target answer" is simpler, a smaller complexity value may be assigned to the generation method, and the generation method of "obtaining the target answer by performing corresponding calculation on a certain two bits or other number of bits in the password" is relatively complicated, and a larger complexity value may be assigned to the generation method.
Therefore, the target generation mode meeting the credible condition is selected and determined from the multiple generation modes of the target answer, so that the safety degree of the generated target answer can be effectively ensured, the probability that the target answer is randomly and correctly input is reduced, and the safety of user information can be correspondingly improved.
After the target generation mode is determined, the target problem matched with the target generation mode can be further obtained.
The target problem matching with the target generation method may be specifically generated dynamically in real time according to the determined generation method, or may be read from a pre-stored history problem, which is not limited herein.
In the embodiment, by determining the target generation mode (the mode adopted when the answer is generated according to the reference verification information) meeting the credibility condition and acquiring and displaying the target question matched with the target generation mode, the credibility of the generation mode adopted when the answer is generated according to the reference verification information can be effectively ensured, and correspondingly, the probability that an unauthorized user inputs a correct answer (which can be understood as a Mongolian answer) in a random mode can be reduced, so that the safety of user information is further improved.
In an optional embodiment of the present application, the obtaining, by the first obtaining unit 901, the input identity information may include:
the input identity information is obtained based on the conversation element.
Wherein, the conversation unit can be used for carrying out dynamic conversation interaction.
Specifically, the session unit may be, but is not limited to: a dialog box, a conversation window/a chat window which are provided by a network platform or application software and can be used for carrying out dynamic conversation interaction with a user; such as a service robot-based intelligent question and answer dialog box provided by a network platform or application software.
In the embodiment of the application, when a user needs to log in the session interaction process, the user directly completes the login based on the current session unit.
Specifically, login indication information for indicating that the user inputs registered identity information may be directly output in the current session unit.
Based on the indication of the login indication information, the user may input the registered identity information of the account, the mobile phone number, the mailbox, or the like in the session unit, and correspondingly, the network platform or the application software may obtain the identity information input by the user based on the session unit.
The presentation unit 904 presents the target issue, which may include:
and displaying the target problem in a conversation unit.
After the target question is obtained, in the present embodiment, the obtained target question is presented in the conversation unit.
As shown in fig. 5, the target question of "please input your password for the second and sixth bits, for example, a and c, please return ac" is shown in the dialog box of the customer service robot.
The third obtaining unit 905 obtains the first answer input based on the target question, and may include:
obtaining a first answer input based on the target question in a conversation unit;
the target question indicates answer information to be input by the user.
Based on the displayed target question, the user can input answer information in the conversation unit, and accordingly, the network platform or the application software can obtain the first answer input by the user in the conversation unit.
It should be noted that, when the user inputs the first answer into the session unit, in order to further protect the first answer from being leaked, the answer information input by the user may be hidden in the session unit by using placeholders (e.g., star symbols, dot symbols) and the like.
It should be noted that, in the specific implementation, it is not limited to perform only login and authentication processing on the user in a session unit such as a dialog box, and the registration processing on the identity information may also be performed on the user in the session unit, so that in the session process, if the user needs to perform identity registration, it is not necessary to perform page jump, jump out of the dialog box, and call out an additional registration interface, but the identity registration may be directly completed in the current dialog box.
It should be further noted that, in practical implementation, the verification information used for performing authentication verification on the user identity is not limited to the form of a password, as shown in fig. 7 and 8, and a dynamic verification code may also be used to complete user identity registration or user identity verification during login, which is not limited in this embodiment.
In the embodiment, in the session process, the identity registration, login and verification of the user can be directly carried out in the session unit without jumping out of the current session unit and calling out an additional registration/login interface and executing page jump operation, so that the processing process of a network platform or application software is simplified, the power consumption of equipment is saved, and convenience is provided for the identity registration or login of the user in the session process.
Corresponding to the processing method, the application also discloses a computer device, which can be, but is not limited to, a portable terminal device such as a smart phone, a personal digital assistant, a tablet computer and the like, or can also be a portable computer (such as a notebook), a desktop/all-in-one computer or a background server and the like in a general/special computing or configuration environment.
Referring to the schematic structural diagram of the computer device shown in fig. 10, the computer device may include:
a memory 1001 for storing at least one set of instructions;
a processor 1002 for calling and executing the instruction set in the memory, and executing the instruction set to execute the processing method according to any of the above embodiments.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other.
For convenience of description, the above system or apparatus is described as being divided into various modules or units by function, respectively. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
Finally, it is further noted that, herein, relational terms such as first, second, third, fourth, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The foregoing is only a preferred embodiment of the present application and it should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the present application, and these improvements and modifications should also be considered as the protection scope of the present application.

Claims (10)

1. A method of processing, comprising:
obtaining input identity information;
determining reference verification information matched with the identity information;
obtaining a target problem according to the reference verification information, and displaying the target problem; the target question corresponds to a target answer generated according to the reference verification information;
obtaining a first answer input based on the target question;
and performing identity authentication according to the target answer and the first answer.
2. The method of claim 1, said obtaining a target question from said benchmark validation information comprising:
obtaining environmental information;
and acquiring a target question matched with the reference verification information and the environment information.
3. The method of claim 2, the obtaining a target question that matches the benchmark validation information and the environmental information, comprising:
if the environmental information meets the safety condition, generating a first target question according to the reference verification information, wherein the first target question corresponds to a target answer generated in a first mode;
if the environmental information does not meet the safety condition, generating a second target question according to the reference verification information, wherein the second target question corresponds to a target answer generated in a second mode; wherein the benchmark verification information corresponds to a higher degree of security for the second target issue than for the first target issue.
4. The method of claim 1, the obtaining a target question that matches the benchmark validation information and the environmental information, comprising:
determining a target generation mode meeting a credible condition according to the reference verification information;
and obtaining a target question matched with the target generation mode, wherein the target question corresponds to a target answer generated based on the target generation mode.
5. The method of claim 1, the obtaining input identity information comprising:
obtaining input identity information based on the conversation unit;
the presenting the target problem comprises:
displaying the target question in a conversation unit;
the obtaining a first answer input based on the target question comprises:
obtaining a first answer input based on the target question in a conversation unit;
wherein the conversation unit is capable of being used for dynamic conversation interaction.
6. A processing apparatus, comprising:
the first acquisition unit is used for acquiring input identity information;
the determining unit is used for determining the reference verification information matched with the identity information;
the second acquisition unit is used for acquiring a target problem according to the reference verification information; the target question corresponds to a target answer generated according to the reference verification information;
the display unit is used for displaying the target problem;
a third obtaining unit configured to obtain a first answer input based on the target question;
and the verification unit is used for performing identity verification according to the target answer and the first answer.
7. The apparatus according to claim 6, wherein the second obtaining unit is specifically configured to:
obtaining environmental information;
and acquiring a target question matched with the reference verification information and the environment information.
8. The apparatus according to claim 7, wherein the second obtaining unit obtains the target question matching the reference verification information and the environmental information, and specifically includes:
if the environmental information meets the safety condition, generating a first target question according to the reference verification information, wherein the first target question corresponds to a target answer generated in a first mode;
if the environmental information does not meet the safety condition, generating a second target question according to the reference verification information, wherein the second target question corresponds to a target answer generated in a second mode; wherein the benchmark verification information corresponds to a higher degree of security for the second target issue than for the first target issue.
9. The apparatus according to claim 6, wherein the second obtaining unit is specifically configured to:
determining a target generation mode meeting a credible condition according to the reference verification information;
and obtaining a target question matched with the target generation mode, wherein the target question corresponds to a target answer generated based on the target generation mode.
10. A computer device, comprising:
a memory for storing at least one set of instructions;
a processor for invoking and executing said set of instructions in said memory, the method of any of claims 1-5 being performed by executing said set of instructions.
CN201911424015.XA 2019-12-31 2019-12-31 Processing method and device and computer equipment Pending CN111181981A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911424015.XA CN111181981A (en) 2019-12-31 2019-12-31 Processing method and device and computer equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911424015.XA CN111181981A (en) 2019-12-31 2019-12-31 Processing method and device and computer equipment

Publications (1)

Publication Number Publication Date
CN111181981A true CN111181981A (en) 2020-05-19

Family

ID=70621751

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911424015.XA Pending CN111181981A (en) 2019-12-31 2019-12-31 Processing method and device and computer equipment

Country Status (1)

Country Link
CN (1) CN111181981A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112989299A (en) * 2021-03-11 2021-06-18 恒睿(重庆)人工智能技术研究院有限公司 Interactive identity recognition method, system, device and medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101902328A (en) * 2009-05-27 2010-12-01 林廷 Method for verifying user identity by using dynamic passwords
CN103957202A (en) * 2014-04-22 2014-07-30 中国工商银行股份有限公司 Safety login method and system
CN104036780A (en) * 2013-03-05 2014-09-10 阿里巴巴集团控股有限公司 Man-machine identification method and system
CN105516133A (en) * 2015-12-08 2016-04-20 腾讯科技(深圳)有限公司 User identity verification method, server and client
US20170012965A1 (en) * 2014-01-31 2017-01-12 British Telecommunications Public Limited Company Access control system
CN108768654A (en) * 2018-04-09 2018-11-06 平安科技(深圳)有限公司 Auth method, server based on Application on Voiceprint Recognition and storage medium
CN109428719A (en) * 2017-08-22 2019-03-05 阿里巴巴集团控股有限公司 A kind of auth method, device and equipment

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101902328A (en) * 2009-05-27 2010-12-01 林廷 Method for verifying user identity by using dynamic passwords
CN104036780A (en) * 2013-03-05 2014-09-10 阿里巴巴集团控股有限公司 Man-machine identification method and system
US20170012965A1 (en) * 2014-01-31 2017-01-12 British Telecommunications Public Limited Company Access control system
CN103957202A (en) * 2014-04-22 2014-07-30 中国工商银行股份有限公司 Safety login method and system
CN105516133A (en) * 2015-12-08 2016-04-20 腾讯科技(深圳)有限公司 User identity verification method, server and client
CN109428719A (en) * 2017-08-22 2019-03-05 阿里巴巴集团控股有限公司 A kind of auth method, device and equipment
CN108768654A (en) * 2018-04-09 2018-11-06 平安科技(深圳)有限公司 Auth method, server based on Application on Voiceprint Recognition and storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112989299A (en) * 2021-03-11 2021-06-18 恒睿(重庆)人工智能技术研究院有限公司 Interactive identity recognition method, system, device and medium

Similar Documents

Publication Publication Date Title
US10346642B2 (en) Keyboard entry as an abbreviation to a contemporaneous gesture authentication
US9979721B2 (en) Method, server, client and system for verifying verification codes
US8862888B2 (en) Systems and methods for three-factor authentication
Tolosana et al. BioTouchPass2: Touchscreen password biometrics using time-aligned recurrent neural networks
CN111241517B (en) Method and device for constructing biological feature verification question-answer library
KR20190062401A (en) Remote use of locally stored biometric authentication data
WO2021244531A1 (en) Payment method and apparatus based on facial recognition
Huang et al. Development of a typing behaviour recognition mechanism on android
Jakobsson et al. Rethinking passwords to adapt to constrained keyboards
CN107533598B (en) Input method and device of login password of application program and terminal
US11902275B2 (en) Context-based authentication of a user
CN103714282A (en) Interactive type identification method based on biological features
WO2017170203A1 (en) Biological data registration support device, biological data registration support system, biological data registration support method, biological data registration support program, recording medium for storing biological data registration support program
WO2020024415A1 (en) Voiceprint recognition processing method and apparatus, electronic device and storage medium
WO2021244471A1 (en) Real-name authentication method and device
CN111181981A (en) Processing method and device and computer equipment
WO2023092345A1 (en) Identity authentication method and apparatus, and terminal, storage medium and program product
US11163869B2 (en) Identity authentication without entry of password
CN104009963B (en) The security authentication mechanism of remote password
JP2001052181A (en) Personal authenticating method and recording medium recording personal authentication program
JP2002014695A (en) Method and device for interactive personal identification
AU2021106052A4 (en) An enhanced recognition based image authentication method to save system time and memory
US20230325481A1 (en) Method and System for Authentication of a Subject by a Trusted Contact
CN109274693B (en) Morse code-based data registering method and user equipment
CN112950832B (en) Password verification method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200519